<html>
<head><title>Project 1B</title></head>
<body>

<h1>Movie/Actor Database</h1>
Corey Quon<br />
803786588<br />
CS 143 <br />
Type a SQL SELECT query in the following box:
<p>
<form action = "query.php" method = "post">
	<TEXTAREA name = "query" ROWS=10 COLS=50></TEXTAREA>
	<input type="submit"/>
</form>
</p>
<ul>
<li>Assumes that valid SELECT statements will be queried only
</ul>
Query Results: <br />
</body>
</html>


<?php

$query = $_POST["query"];
$db_connection = mysql_connect("localhost","cs143","");

if(!$db_connection) {
    $errmsg = mysql_error($db_connection);
    print "Connection failed: $errmsg <br />";
    exit(1);
}

$database = 'CS143';
mysql_select_db($database, $db_connection);
$sanitized_query = mysql_real_escape_string($query,$db_connection);
$rs = mysql_query($query, $db_connection);

if($rs == TRUE)
{
	$numFields = mysql_num_fields($rs);

/** Print out column field names ***************************************************/

	echo "<table border=1 cellspacing=1 cellpadding=2>
	<tr align=center>";

	$i = 0;
	while($i < $numFields)
	{
		echo "<th>";
		echo mysql_field_name($rs,$i);
		echo "</th>";
		$i++;
	}
	echo "</tr>";

/***********************************************************************************/

/** Print out rows *****************************************************************/

	while($row = mysql_fetch_row($rs))
	{
		$j = 0;
		echo "<tr align=center>";
		while($j < $numFields)
		{
			echo "<td>" . $row[$j] . "</td>";
			$j++;
		}
		echo "</tr>";
	}
	echo "</table>";
	
/***********************************************************************************/

}

mysql_close($db_connection);

?>